Webproxy Trough Squid
Mar 10, 2007
I want visitors from my site to be able to connect trough my squidproxy (installed on the same webserver as the site is) They will only be able to visit 3 or 4 sites trough the proxy. (These will be added to a whitelist in squid)
Preferably i want to to set it up so that users MUST visit my website to make the connection trough squid. Squid is already setup, but how do i link a site trough squid?
Preferably i would like users be able to click a link on my website, that opens an external site trough squid.
View 2 Replies
ADVERTISEMENT
Nov 16, 2008
After having conversation with many WHT members and few other system admins I have not been been to resolve an issue yet.
I have a Basic VPS and squid runs fine on it.
Debian 4
Squid 3
Now the issue is that I have 2 IP allocated to my VPS. But no matter what configuration i have on squid.conf file , no matter what version of Squid i use,I am not able to have the additional Ip on my vps as Outgoing External IP address.
I have also tried this config setting :
acl ip1 myip 192.168.1.2
acl ip2 myip 192.168.1.3
acl ip3 myip 192.168.1.4
tcp_outgoing_address 192.168.1.2 ip1
tcp_outgoing_address 192.168.1.3 ip2
tcp_outgoing_address 192.168.1.4 ip3
But no luck yet.
View 4 Replies
View Related
Jul 30, 2007
I currently have a site running on 8 servers : 5 web servers (apache2/php5), 2 DB servers (mysql 5), and one front reverse proxy server.
Currently I use apache as the reverse proxy (with mod_proxy of course).
I have it do 3 type of things:
1) serve some static files (the website's static files) directly from the front server. The files are stored in local directories.
2) cache some other static files (user uploaded images and files) on the front server after downloading them once from the backend webservers. This is done via mod_cache.
3) route some requests to specific web servers depending on a subdomain (on the first few letters of the subdomain more precisely). To do this i use rewrite rules like :
RewriteCond %{HTTP_HOST}^sub1(.*).domain.com$
RewriteRule ^(.*) http://sub1%1.webserver1.com/$1 [P,L]
RewriteCond %{HTTP_HOST}^sub2(.*).domain.com$
RewriteRule ^(.*) http://sub2%1.webserver2.com/$1 [P,L]
etc.
My web servers are not in a cluster from this point of view, so it is important that the reverse proxy is able to route requests based on subdomain like this.
Now I have a few weird performance problems on the front server. CPU, hard disk usage and memory usage keep staying at relatively constant (and always low) levels, yet the server load periodically spikes to places anywhere between 4 and 12 during the day. This seems to be mod_cache related (spikes disappear when i disable it) but I can't figure what's happenning, and I'm reading everywhere squid is a better alternative to do reverse proxying.
Only, I don't know if i can do the same as mentionned above with squid. From what I read, I know I can do 2). However I'm not sure if squid is able to serve some files (based on URL patterns) directly from the local file system rather than querying them / caching them locally ? And can squid route the reverse proxy requests to different web servers based on the subdomain in a URL?
View 6 Replies
View Related
May 29, 2008
The DC installed Squid. It manages the load fine but the php code on my page is cached and doesn't work.
Is there a way to get squid to not cache php? in that httpd can directly call php while squid does everything else?
View 1 Replies
View Related
Apr 5, 2009
I just installed Squid V3. I set up putty to ssh socks proxy to my vps that I installed squid on.
Here is a snippet of my cache.logs, but there is no cache log of websites I have visited. The access.log is empty.
How to I tell if squid is working?
Quote:
2009/04/04 22:52:37| Starting Squid Cache version 3.0.STABLE13-20090405 for i686-pc-linux-gnu...
2009/04/04 22:52:37| Process ID 9886
2009/04/04 22:52:37| With 1024 file descriptors available
2009/04/04 22:52:37| Performing DNS Tests...
2009/04/04 22:52:37| Successful DNS name lookup tests...
2009/04/04 22:52:37| DNS Socket created at 0.0.0.0, port 36048, FD 7
2009/04/04 22:52:37| Adding nameserver 208.67.222.222 from /etc/resolv.conf
2009/04/04 22:52:37| Adding nameserver 208.67.220.220 from /etc/resolv.conf
2009/04/04 22:52:37| Unlinkd pipe opened on FD 12
2009/04/04 22:52:37| Swap maxSize 102400 KB, estimated 7876 objects
2009/04/04 22:52:37| Target number of buckets: 393
2009/04/04 22:52:37| Using 8192 Store buckets
2009/04/04 22:52:37| Max Mem size: 8192 KB
2009/04/04 22:52:37| Max Swap size: 102400 KB
2009/04/04 22:52:37| Version 1 of swap file with LFS support detected...
2009/04/04 22:52:37| Rebuilding storage in /usr/local/squid/var/cache (CLEAN)
2009/04/04 22:52:37| Using Least Load store dir selection
2009/04/04 22:52:37| Set Current Directory to /usr/local/squid/var/cache
2009/04/04 22:52:37| Loaded Icons.
2009/04/04 22:52:37| Accepting HTTP connections at 0.0.0.0, port 8080, FD 14.
2009/04/04 22:52:37| Accepting ICP messages at 0.0.0.0, port 3130, FD 15.
2009/04/04 22:52:37| HTCP Disabled.
2009/04/04 22:52:37| Ready to serve requests.
2009/04/04 22:52:37| Done reading /usr/local/squid/var/cache swaplog (0 entries)
2009/04/04 22:52:37| Finished rebuilding storage from disk.
2009/04/04 22:52:37| 0 Entries scanned
2009/04/04 22:52:37| 0 Invalid entries.
2009/04/04 22:52:37| 0 With invalid flags.
2009/04/04 22:52:37| 0 Objects loaded.
2009/04/04 22:52:37| 0 Objects expired.
2009/04/04 22:52:37| 0 Objects cancelled.
2009/04/04 22:52:37| 0 Duplicate URLs purged.
2009/04/04 22:52:37| 0 Swapfile clashes avoided.
2009/04/04 22:52:37| Took 0.02 seconds ( 0.00 objects/sec).
2009/04/04 22:52:37| Beginning Validation Procedure
2009/04/04 22:52:37| Completed Validation Procedure
2009/04/04 22:52:37| Validated 25 Entries
2009/04/04 22:52:37| store_swap_size = 0
2009/04/04 22:52:38| storeLateRelease: released 0 objects
2009/04/04 22:59:06| Squid is already running! Process ID 9886
View 10 Replies
View Related
Jun 25, 2008
to install squid-2.5.STABLE14 with yum, but when i run "yum install squid" another version going for install.
View 2 Replies
View Related
Jul 22, 2008
Whenever I am using getacoder and try to post a message on the private message boards I get a squid error like this:
ERROR
The requested URL could not be retrieved
--------------------------------------------------------------------------------
While trying to retrieve the URL: [url]
The following error was encountered:
Zero Sized Reply
Squid did not receive any data for this request.
Your cache administrator is webmaster.
--------------------------------------------------------------------------------
Generated Tue, 22 Jul 2008 16:09:13 GMT by igw-ipcop.netarcs.com (squid/2.5.STABLE14)
Could anyone with server geekish skills tell me what may be the problem here might be (I should mention that their annoying support contact form uses the same script hence I can't even get in touch)? What's that ipcop thing about? Do they have some program at the server level filtering IP and mine is no good or what?
View 6 Replies
View Related
Jun 21, 2007
I'm aware the REMOTE_ADDR revealed in Squid needs to be a legitimate IP address to communicate properly across the internet. But I'd like Squid to use and publically reveal a different IP address than the default system IP address on our proxy servers. Does anyone know if its possible to make the Squid REMOTE_ADDR use a different IP address on the system other than default.
I've defined a different IP address and port for http_port at the top of the squid.conf file. And I can connect to this IP address and Port successfully. But when I run the connection through an IP address checker, or session environment test, it reveals the actual system IP address and not the http_port IP address.
View 0 Replies
View Related
Jan 28, 2007
Can someone provide me a guide to fully install and configure Squid.
View 2 Replies
View Related
Jul 27, 2007
I'm trying to set up a caching squid server to speed up website access. How can I selectively choose to cache certain PHP scripts while ignoring others? I can't seem to get it to work. I've commented out the following lines:
#acl QUERY urlpath_regex cgi-bin?
#no_cache deny QUERY
Yet in the squid/access.log file, I'm still seeing these:
Code:
1185561374.207 47 192.168.1.101 TCP_MISS/200 22267 GET http://www.mysite.com/? - DIRECT/192.168.1.108 text/html
View 1 Replies
View Related
Sep 1, 2007
I want to software load balance one of my website using squid. It doesn't look like it is possible with squid 2.5. Squid 2.6 is a upgrade for FC6. I am running FC4 and it cannot be installed with a lot of dependency failures.
Has anyone successfully installed Squid 2.6 on FC4?
View 1 Replies
View Related
May 21, 2009
i need help regarding my squid proxy when i go to this site. whatismyip.com i have this result
Your IP Address Is: 119.95.IP.IP
Other IPs Detected: 67.IP.IP.185
Possible Proxy Detected: 1.1 67.IP.IP.185ORT (squid/2.6.STABLE21)
how can i completly hide my ip via squid? this squid is running on my dedicated server,
View 2 Replies
View Related
Oct 4, 2008
I would like to use cPanel Apache as the backend web server, and Squid cache as the front end http accelerator.
My VPS has two IP addresses, however, I want the httpd acceleration to occur only on one IP.
So far, I have installed squid cache and edited its config file to this:
http_port 74.50.118.189:80
httpd_accel_host localhost
httpd_accel_port 80
httpd_accel_single_host on
httpd_accel_uses_host_header on
acl all src 0.0.0.0/0.0.0.0
http_access allow all
My site has a few subdomains and I would like them to work.
So, what do I do now in the apache config (which I think is here: /etc/httpd/conf/httpd.conf ?)
View 1 Replies
View Related
Apr 19, 2007
For 2 weeks I am under DDoS.
The type of DDoS is the one that comes from DC clients.
I have managed to mitigate the attack and to get everything working ok.
I do not like the solution I came up with for many reasons and I found that squid can be good on stopping bad requests like the one that DC clients send when the attack occurs.
I am kinda new to squid and I do not know all the settings.
I have configured It and everything works great when there is no DDoS.
But when the attacks starts , nothing works. Squid does not log anything in access_log and also, there is no load, just a lot of connections to squid.
Is there a limit for max concurrent connections in squid ?
Or the ideea of using squid as a reverse proxy without caching, just to stop bad requests is a bad one ? (I do not need snort-inline, I have some issues with it).
View 2 Replies
View Related
Oct 7, 2007
Im currently running cent0S 5. I recently just installed Squid Version 2.6.STABLE6 for a client to enable him to use as proxy. However it seems that sites like whatismyip.com and ipchicken.com are resolving back to my clients IP address and not the servers.
There is only one IP on my server and I think the problem may deal with X-Headers? (correct me if I am wrong)
Is there any way to use the server IP address for when my customer is using the proxy server.
My squid.conf looks like the following:
Code:
Code:
http_port 8080
forwarded_for off
icp_port 0
cache_mem 64 MB
cache_dir ufs /var/spool/squid 100 16 128
maximum_object_size 4096 KB
cache_store_log none
cache_access_log /var/log/squid/access.log
hierarchy_stoplist cgi-bin ?
acl QUERY urlpath_regex cgi-bin ?
no_cache deny QUERY
visible_hostname proxyserver
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src xxx.xx.xxx.xxx
acl SSL_ports port 443 563 10000
acl Safe_ports port 80
acl Safe_ports port 21
acl Safe_ports port 443 563
acl Safe_ports port 70
acl Safe_ports port 210
acl Safe_ports port 1025-65535
acl Safe_ports port 280
acl Safe_ports port 488
acl Safe_ports port 591
acl Safe_ports port 777
acl Safe_ports port 901
acl purge method PURGE
acl CONNECT method CONNECT
acl LocalNet src xxx.xx.xxx.xx
http_access allow manager localhost
http_access deny manager
http_access allow purge localhost
http_access deny purge
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localhost
http_access allow LocalNet
http_access deny all
icp_access allow all
log_fqdn on
##### This side is to make the proxy tranparency
#httpd_accel_with_proxy on
#httpd_accel_uses_host_header on
#httpd_accel_host virtual
#httpd_accel_port 80
######------------------------------
error_directory /usr/share/squid/errors/English
#httpd_accel_uses_host_header off
#anonymize_headers deny From Referer Server
forwarded_for on
http_port ServerIP:8080 transparent
# no forwarded quite useless for an anonymizer
forwarded_for off
# no client stat
client_db off
# Paranoid anonymize
header_access Allow allow all
header_access Authorization allow all
header_access Cache-Control allow all
header_access Content-Encoding allow all
header_access Content-Length allow all
header_access Content-Type allow all
header_access Date allow all
header_access Expires allow all
header_access Host allow all
header_access If-Modified-Since allow all
header_access Last-Modified allow all
header_access Location allow all
header_access Pragma allow all
header_access Accept allow all
header_access Charset allow all
header_access Accept-Encoding allow all
header_access Accept-Language allow all
header_access Content-Language allow all
header_access Mime-Version allow all
header_access Retry-After allow all
header_access Title allow all
header_access Connection allow all
header_access Proxy-Connection allow all
header_access All deny all
header_access Cookie allow all
header_access Set-Cookie allow all
header_replace User-Agent Anonymous Proxy at example.com
View 3 Replies
View Related
Mar 18, 2007
I've been hearing other admins talk about using squid to speed thins up on web servers. Yes, not as a network proxy, but as simple cache engine for dinamic sites.
Any experience with this?
View 12 Replies
View Related
May 5, 2009
i successfully installed Squid Proxy on my other Dedicated server however that dedicated server had 50 ip address, i am wondering if i can use those ip address for my Squid Proxy?
View 5 Replies
View Related
Oct 10, 2008
Here's my story: The landlord provides the internet for the house and it goes through a server which has squid installed. Squid in turn seems to block the internal port (or whatever the exact term for that is) for phpmyadmin or webmail in cpanel so I cannot access them.
At my reseller account at Hostgator they said they redirected that port to port80 via mod rewrite and that now works for me. I wonder how I would do the same thing on a dedicated server. I can't see what Hostgator did since it's happening out of my sight somewhere. Otherwise I would just replicate that on my box.
View 1 Replies
View Related
Jun 25, 2009
I want to count the traffic for every IP passed through squid proxy server.
Is it possible to record the traffic numbers for every IP in external .txt file
It would be better if it can write outgoing and ingoing traffic.
View 7 Replies
View Related
Mar 27, 2009
I have an apache server on windows which I wanted to speed up using caching systems.
I tried installing squid, and I got it working with a basic example config. It seemed to work well, however under more heavy load I experienced some weird behaviour where network output is 0 for several seconds at the time, and all clients just hang in the wind and wait for a respons.
Remote to the server is working fine, so it's definitely a squid issue.. with only apache running the server is constantly sending out data, no halts there.
Any hints on what errors I should be looking for?
View 1 Replies
View Related
Jun 10, 2007
Is it possible to implement reverse proxy for Sever-A through Sever-B.
The issue is let's say, Server-A is located in Network-A, and the Sever-B is located in Network-B. And the users in Network-B are allowed to access only to Sever-B while the Sever-B itself can access to Server-A. So, when the users from Network-B access to Sever-B, the traffic will be proxied through Sever-B to Server-A transparently without letting the users notice about how's the traffics go. The Server-B will be linux, thus squid is the primary proxy application to deal with. Is it possible to do with squid or it needs some other application?
How about a comparison of mod_proxy for apache vs. squid as all Sever-B should do is forward the requests coming from Network-B to forward to Sever-A and acting as a middle box between the two network scopes transparently. All the users in Network-B should do is accessing the Sever-B and the requests will be transparently going to Server-A without any configuration is done at their browser or any kind of NAT/Firewall rules on either of the networks.
View 1 Replies
View Related
